CN111784337B - Authority verification method and system - Google Patents

Authority verification method and system Download PDF

Info

Publication number
CN111784337B
CN111784337B CN201910273140.9A CN201910273140A CN111784337B CN 111784337 B CN111784337 B CN 111784337B CN 201910273140 A CN201910273140 A CN 201910273140A CN 111784337 B CN111784337 B CN 111784337B
Authority
CN
China
Prior art keywords
query
verification
request
data
target user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910273140.9A
Other languages
Chinese (zh)
Other versions
CN111784337A (en
Inventor
李艺
王蜀洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huakong Tsingjiao Information Technology Beijing Co Ltd
Original Assignee
Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huakong Tsingjiao Information Technology Beijing Co Ltd filed Critical Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority to CN201910273140.9A priority Critical patent/CN111784337B/en
Priority to PCT/CN2020/083174 priority patent/WO2020200306A1/en
Publication of CN111784337A publication Critical patent/CN111784337A/en
Application granted granted Critical
Publication of CN111784337B publication Critical patent/CN111784337B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof

Abstract

The application provides a permission verification method and a permission verification system. The right verification method is executed in a first verification system and comprises the following steps: receiving a verification request sent by a second verification system; wherein the authentication request comprises a first type of encrypted query request for obtaining a query result of a target user from a group of users; wherein the authentication request is used to authenticate that the action that initiated the authentication request is authorized by a target user; the dimension of the query request is at least one dimension; a verification operation is performed based on the verification request and using at least one type of attestation information. The present application performs an authentication operation based on the authentication request using at least one attestation information for attesting to the fact that the act of initiating the authentication request was authorized by the target user.

Description

Authority verification method and system
Technical Field
The application relates to the technical field of secure data processing, in particular to a method and a system for verifying authority.
Background
Data query systems such as business credit, personal information credit and the like, and even data query systems such as booking houses, industry supervision and the like containing sensitive data and business confidentiality are required to provide data security assurance so as to reduce or even avoid sensitive data leakage. For example, the utilization of data queries to divulge sensitive data in social networking sites is avoided. As another example, avoiding data queries with the proxy platform from compromising sensitive data by the proxy platform. For this purpose, enterprises and institutions holding sensitive data limit the use of related databases by limiting rights. However, there are now a large number of companies that offer loans to customers on different scales. These loan companies include commercial banks, small loan companies, trust companies, and the like. Sometimes, because a single borrower may not be able to provide sufficient loans to borrowers, the borrower may borrow money from multiple borrowers. This allows the lender to want to query the borrower's loan information to evaluate his credit before making a loan decision. For example, a borrower may want to know whether the borrower borrowed too much money from other borrowers before borrowing the borrower.
In a real-world environment, dishonest inquirers may deceive others and violate privacy and authorization. The inquirer may make an invalid inquiry and an unauthorized inquiry.
Disclosure of Invention
In view of the above drawbacks of the prior art, an object of the present application is to provide a method and a system for verifying authority, which are used for solving the vulnerability of authority verification in network operation in the prior art.
To achieve the above and other related objects, a first aspect of the present application provides a rights verification method, which is executed in a first verification system, including: receiving a verification request sent by a second verification system; wherein the authentication request comprises a first type of encrypted query request for obtaining a query result of a target user from a group of users; wherein the authentication request is used to authenticate that the action that initiated the authentication request is authorized by a target user; the dimension of the query request is at least one dimension; a verification operation is performed based on the verification request and using at least one type of attestation information.
In certain embodiments of the first aspect of the present application, the step of performing the authentication operation based on the authentication request and using the at least one piece of attestation information comprises the steps of: verifying the identity of the target user in the verification request submitted by the second verification system by using the first certification information from the target user; and verifying whether the verification request submitted by the second verification system is authorized by the target user by using second proving information from the second verification system.
In certain embodiments of the first aspect of the present application, the step of verifying the identity of the target user in the verification request submitted by the second verification system using the first attestation information from the target user comprises: transmitting a first random number for verifying identity authentication of the target user to the target user; receiving a second random number fed back by a target user and first proving information of the second random number; wherein the second random number is generated based on the first random number; and verifying the identity of the target user based on the first proving information and the second random number.
In certain implementations of the first aspect of the present application, the first attestation information comprises a set of sequences of values for attesting to the identity of the target user.
In certain embodiments of the first aspect of the present application, the step of verifying whether the query service submitted by the second verification system is authorized by the target user using the second attestation information from the second verification system comprises: generating a third random number for each user based on a secret key and a first random number which are independently shared with each user in the user group, so as to obtain a random number set of the corresponding user group; based on the space constructed by the dimension of the query request, corresponding each third random number in the random number set to the position representing the space; calculating each sub-query element in the sub-query request in each dimension of the query request and a corresponding third random number in the random number set, and obtaining a data set to be verified in the corresponding dimension; transmitting the obtained data set to be verified in each dimension and the random number set to a second verification system, and acquiring the fed-back second proving information; verifying that the verification request submitted by the second verification system is authorized by the target user based on the second attestation information.
In certain implementations of the first aspect of the present application, the second attestation information includes a sequence of values for attesting that the verification request is authorized by the target user.
In certain implementations of the first aspect of the present application, the step of performing the authentication operation based on the authentication request and using the at least one piece of attestation information further comprises: and verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
In certain embodiments of the first aspect of the present application, the step of verifying the format validity of the first type of encrypted query request submitted by the second verification system using the third attestation information from the second verification system comprises: acquiring third proving information for proving format legality of the query request in each dimension; wherein the third attestation information is generated based on the query request; and verifying the format validity of the query request based on the third proving information.
In certain implementations of the first aspect of the application, the third attestation information includes a sequence of values for attesting to the query request as to and in relation to only one user.
In certain implementations of the first aspect of the present application, the first encryption process is set based on homomorphic encryption.
The second aspect of the present application also provides a rights verification method, which is executed in a second verification system, including: transmitting a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension; based on the authentication request and generating at least one piece of attestation information for the first authentication system to attest that the act of initiating the authentication request is authorized by a target user.
In certain embodiments of the second aspect of the present application, the step of generating at least one attestation message based on the authentication request comprises: generating second proving information based on a to-be-verified data set which is provided by the first verification system and related to the dimension of the query request, and sending the second proving information to the first authority verification system; wherein the second attestation information is used to attest that the verification request is authorized by the target user.
In certain embodiments of the second aspect of the present application, the step of generating the second attestation information based on the set of data to be verified related to the dimension of the query request provided by the first verification system comprises: acquiring the data to be verified and a random number set; wherein the set of random numbers is generated based on a secret key and a first random number shared separately between the first authentication system and each user in the user group where the target user is located; the data to be verified is obtained by calculating a third random number corresponding to each position of the space in a random number set and each sub-query element in the sub-query request in each dimension of the query request based on the space constructed by the query request; and obtaining second proving information based on the data to be verified and the random number set.
In certain embodiments of the second aspect of the present application, the step of generating at least one attestation message based on the authentication request comprises: third certification information is generated based on the query request and sent to a first verification system to verify the format validity of the query request subjected to the first encryption processing.
In certain embodiments of the second aspect of the present application, the step of generating the third attestation information based on the query request includes: third certification information for certifying the validity of the format is generated based on the format of the query request in each dimension.
In certain embodiments of the second aspect of the present application, the third attestation information comprises a sequence of values for attesting to the query request that is relevant to and only one user.
In certain embodiments of the second aspect of the present application, the first encryption process is set based on homomorphic encryption.
The third aspect of the present application also provides a first authentication system comprising: the first communication module is used for receiving a verification request sent by the second verification system; wherein the authentication request comprises a first type of encrypted query request for obtaining a query result of a target user from a group of users; wherein the authentication request is used to authenticate that the action that initiated the authentication request is authorized by a target user; the dimension of the query request is at least one dimension; and the verification module is used for executing verification operation based on the verification request and by utilizing at least one piece of proving information.
In certain embodiments of the third aspect of the present application, the verification module is configured to perform the steps of: verifying the identity of the target user in the verification request submitted by the second verification system by using the first certification information from the target user; and verifying whether the verification request submitted by the second verification system is authorized by the target user by using second proving information from the second verification system.
In certain embodiments of the third aspect of the present application, the verification module is configured to perform the steps of: transmitting a first random number for verifying identity authentication of the target user to the target user; receiving a second random number fed back by a target user and first proving information of the second random number; wherein the second random number is generated based on the first random number; and verifying the identity of the target user based on the first proving information and the second random number.
In certain embodiments of the third aspect of the present application, the first attestation information comprises a set of sequences of values for attesting to the identity of the target user.
In certain embodiments of the third aspect of the present application, the verification module is configured to perform the steps of: generating a third random number for each user based on a secret key and a first random number which are independently shared with each user in the user group, so as to obtain a random number set of the corresponding user group; based on the space constructed by the dimension of the query request, corresponding each third random number in the random number set to the position representing the space; calculating each sub-query element in the sub-query request in each dimension of the query request and a corresponding third random number in the random number set, and obtaining a data set to be verified in the corresponding dimension; transmitting the obtained data set to be verified in each dimension and the random number set to a second verification system, and acquiring the fed-back second proving information; verifying that the verification request submitted by the second verification system is authorized by the target user based on the second attestation information.
In certain embodiments of the third aspect of the present application, the second attestation information comprises a sequence of values for attesting that the authentication request is authorized by the target user.
In certain embodiments of the third aspect of the present application, the verification module is further configured to perform the steps of: and verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
In certain embodiments of the third aspect of the present application, the verification module is configured to perform the steps of: acquiring third proving information for proving format legality of the query request in each dimension; wherein the third attestation information is generated based on the query request; and verifying the format validity of the query request based on the third proving information.
In certain embodiments of the third aspect of the present application, the third attestation information comprises a sequence of values for attesting to the query request that is related to and only to one user.
In certain embodiments of the third aspect of the present application, the first encryption process is set based on homomorphic encryption.
A fourth aspect of the present application also provides a second authentication system comprising: the second communication module is used for sending a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension; and the cooperation verification module is used for generating at least one piece of proving information based on the verification request so that the first verification system can prove that the action of initiating the verification request is authorized by a target user.
In certain embodiments of the fourth aspect of the present application, the cooperation verification module is configured to perform the following steps: generating second proving information based on a to-be-verified data set which is provided by the first verification system and related to the dimension of the query request, and sending the second proving information to the first authority verification system; wherein the second attestation information is used to attest that the verification request is authorized by the target user.
In certain embodiments of the fourth aspect of the present application, the verification module is configured to perform the steps of: acquiring the data to be verified and a random number set; wherein the set of random numbers is generated based on a secret key and a first random number shared separately between the first authentication system and each user in the user group where the target user is located; the data to be verified is obtained by calculating a third random number corresponding to each position of the space in a random number set and each sub-query element in the sub-query request in each dimension of the query request based on the space constructed by the query request; and obtaining second proving information based on the data to be verified and a random data set.
In certain embodiments of the fourth aspect of the present application, the cooperation verification module includes a module for generating third attestation information based on the query request and transmitting the third attestation information to the first verification system to verify the format validity of the first encrypted query request.
In certain embodiments of the fourth aspect of the present application, the verification module is configured to generate third certification information for certifying validity of a format of the query request in each dimension based on the format.
In certain embodiments of the fourth aspect of the present application, the third attestation information comprises a sequence of values for attesting to the query request that is relevant to and only one user.
In certain embodiments of the fourth aspect of the present application, the first encryption process is set based on homomorphic encryption.
The fifth aspect of the present application also provides a right verification system, including: a first verification system as claimed in any one of the preceding claims; a second verification system as claimed in any one of the preceding claims; and the third verification system is used for providing certification information for verifying the identity of the target user in the action of initiating the verification request in cooperation with the first verification system.
The sixth aspect of the present application also provides a first computer system comprising: a storage device for storing at least one program; interface means for communicating with at least one second computer system; processing means for invoking said at least one program and coordinating said storage means and interface means for performing a rights verification method as described in any of the first aspects.
The seventh aspect of the present application also provides a second computer system comprising: a storage device for storing at least one program; interface means for communicating with a first computer system; processing means for invoking said at least one program and coordinating said storage means and interface means to perform the rights verification method according to any of the second aspects.
An eighth aspect of the present application also provides a computer-readable storage medium, characterized in that a rights verification computer program is stored, which when executed implements the rights verification method according to any one of the first aspects or the rights verification method according to any one of the second aspects.
As described above, the authority verification method and system of the application have the following beneficial effects: the authentication operation is performed based on the authentication request using at least one attestation information to attest that the act of initiating the authentication request was authorized by the target user. In addition, the validity of the identity of the target user and the correctness of the query request format can be verified, and thus the vulnerability of authority verification in the network operation in the prior art is solved.
Drawings
FIG. 1 is a schematic diagram of a hardware system of the data query system according to an embodiment of the present application.
FIG. 2 is a flow chart of a data query method according to an embodiment of the application.
FIG. 3 shows an example of a query request having 2 dimensions.
Fig. 4 is a schematic diagram showing a correspondence between the query request and the query result set shown in fig. 3.
Fig. 5 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 4.
FIG. 6 shows an example of a query request having a dimension of 3 dimensions.
Fig. 7 shows correspondence of the query data set to each spatial position in the space P1 shown in fig. 6.
Fig. 8 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 7.
Fig. 9 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 8.
FIG. 10 shows that all of the terms in the query result set queried for the 3X 4 array for the query request are non-empty. .
FIG. 11 shows that column 3 of the query result set queried for a 3×4 array for a query request contains only a 23
FIG. 12 shows a set of query results queried for a 3×4 array for a query request.
FIG. 13 shows a set of query results queried for a 3×4 array for a query request.
FIG. 14 shows a set of query results queried for a 3×4 array for a query request.
Fig. 15 shows a flow chart of the rights verification method of the present application.
Fig. 16 shows a 2-dimensional and form an operational relationship between a (3 x 4) matrix query request and a set of random numbers.
Fig. 17 is a schematic diagram of a software architecture of the data query system of the present application.
Fig. 18 is a schematic diagram of a software architecture of the rights verification system according to the present application.
Parameter table of formulas involved in the present application
Detailed Description
Further advantages and effects of the present application will become apparent to those skilled in the art from the disclosure of the present application, which is described by the following specific examples.
Although the terms first, second, etc. may be used herein to describe various elements in some examples, these elements should not be limited by these terms. These terms are only used to distinguish one element from another element. For example, a first data querying system may be referred to as a second data querying system, and similarly, a second data querying system may be referred to as a first data querying system without departing from the scope of the various described embodiments, but they are not the same data querying system unless the context clearly indicates otherwise. Similar situations also include a first encryption process and a second encryption process, etc.
Furthermore, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including" specify the presence of stated features, steps, operations, elements, components, items, categories, and/or groups, but do not preclude the presence, presence or addition of one or more other features, steps, operations, elements, components, items, categories, and/or groups. The terms "or" and/or "as used herein are to be construed as inclusive, or meaning any one or any combination. Thus, "A, B or C" or "A, B and/or C" means "any of the following: a, A is as follows; b, a step of preparing a composite material; c, performing operation; a and; a and C; b and C; A. and C). An exception to this definition will occur only when a combination of elements, functions, steps or operations are in some way inherently mutually exclusive.
In some query applications related to sensitive data, such as credit applications, applications for querying network services by using personal information, etc., protection of the sensitive data needs to be performed cooperatively by multiple parties such as a data source, an intermediate platform, a data consumer, etc. for providing the sensitive data; even sensitive data provided by the user himself is to be protected. Wherein the sensitive data includes, but is not limited to: personal/business identity information, personal/business account information, personal physical characteristic information, personal/business consumption information (such as bills), information generated by the personal/business due to the use of software (such as a moving route, browsing time length, etc.), evaluation information collected by the business, information obtained by analyzing the business according to at least the above information, and the like.
In order for each computer device involved in the sensitive data to perform processing on the sensitive data on the basis of protecting the sensitive data, in some embodiments, the sensitive data is encrypted, however, plain text still needs to be obtained when each computer performs data processing. Therefore, the application provides a method for realizing the reading, interaction, application processing and the like of the sensitive data under the condition that the multi-party equipment cannot know the sensitive data.
In some scenarios, such as order inquiry in internet service, the system for performing data security reading, interaction and application between the multiparty devices comprises: a second computer system, a data source (also called a third computer system). By executing the method provided by the application, the second computer system can directly perform safe data query on the data source and obtain the query result. In still other scenarios, such as a target user delegated querying of loan information for a loan institution, etc., which constitutes a system for secure data reading, interaction, and application between the multi-party devices, includes: a second computer system, a data source (also called a third computer system), and a user device. By executing the method provided by the application, based on the permission authentication cooperation of the user equipment used by the target user and the second computer system, the data source can provide safe data query for the second computer system, so that the second computer system obtains a corresponding query result. In still other scenarios, such as the targeted user delegated querying of loan information for multiple loan institutions, etc., which constitute a system for secure data reading, interaction, and application between the multi-party devices, includes: a first computer system, a second computer system, a data source (also called a third computer system), and a user device. The method provided by the application is executed, and based on the permission authentication cooperation of the user equipment used by the target user and the second computer system, the first computer system performs safe data query on at least one data source, and obtains the query result of each data source.
Based on the examples above, at least one data query method, permission verification method, etc. is provided based on the execution of each computer system in the multiparty secure data processing procedure. In some scenarios, the corresponding data query method and rights verification method are performed by a multi-party computer system and constitute a process for securely transmitting and processing data. For example, in a lending survey application of a multi-party lend, a multi-party computer system participating in rights authentication and data querying may include: the user equipment, the first computer system, the second computer system and the third computer system held by the target user applying for borrowing. In still other scenarios, the corresponding data query method and the rights verification method may be performed separately for implementing secure data query and rights verification, respectively. In some specific scenarios, a database provided by a third computer system is used for inquiring a certain order information which does not contain sensitive data in plaintext, and by utilizing the data inquiring method provided by the application, the third computer system acquires the inquired certain order information by means of information such as the position of the description order information in the order information set. The order information may also be loan information, consumption information, personal identity information, and the like. In still other specific scenarios, in the process that the second computer system provides the query service to the third computer system to expect to obtain the query result and perform subsequent processing on the query result, the first computer system may serve as a proxy platform for the plurality of third computer systems and the plurality of second computer systems, not only provide data forwarding for both parties, but also provide a process of fusion of the query result, forwarding, authority verification, and the like. For example, the first computer system is a query agency platform for borrowing service, the second computer system is a query party for querying loan information of borrowers (also called target users), the third computer system is a database of loan institutions, the second computer system initiates a query service which does not contain sensitive data about the borrowers to the first computer system based on the application of the borrowers, the computer system performs authority verification, and forwards the query service to at least one third computer system after the authority verification is passed, and the third computer system obtains the loan information corresponding to the query service without knowing the sensitive data of the borrowers and returns the loan information to the first computer system; under the condition that the first computer system does not obtain the sensitive data, the query results fed back by the third computer systems are fused and fed back to the second computer system for consistency assessment of the query results between borrowers and loan institutions, loan qualification assessment and the like. Based on the above examples, in some other examples, portions of the first computer system may be integrated with a third computer system, e.g., rights verification and data forwarding are integrated in the third computer system. As another example, portions of the third computer system may be integrated into the first computer system. In yet other examples, portions of the first computer system may be integrated with the second computer system, e.g., integrating consistency verification, etc., in the second computer system. As another example, portions of the second computer system may be integrated into the first computer system. In yet other examples, the first computer system may integrate portions of the second computer system and/or the third computer system to improve information security. Based on the query process of loan information described above, performing a similar query process may also include querying identity information, consumption information, order information, and the like.
In order to facilitate the description of a data query process, a permission verification process, a query result consistency verification process, an evaluation process using a query result, etc. initiated based on a service requirement, the above processes are described by working processes of a hardware system composed of user equipment used by a target user, a second computer system used by a query party, a first computer system used by an intermediate platform, and a data source (also referred to as a third computer system) used by a borrower. Referring to fig. 1, a schematic diagram of a hardware system of a data query system according to an embodiment of the application is shown.
It should be noted that, the processes performed according to the hardware system shown in fig. 1 are merely examples, and may be performed alone or in combination with other performing processes based on actual design requirements in different application scenarios. For example, the rights verification process described above may be used alone to perform rights verification of network traffic without providing sensitive data. For another example, the process of checking consistency of query results can be used solely for consistency check scenarios involving multiple parties, such as electronic contracts, proxy services, and the like. For another example, the above-described evaluation process combining the data query process and the query result may be determined according to the actual business logic requirements. Wherein the business logic requirements include, but are not limited to: order automatic processing requirements, pricing requirements for custom services based on user consumption capabilities, etc.
It should be noted that the above-mentioned user equipment, second computer system, first computer system, data source, etc. are electronic devices including a storage device, a processing device, an interface device, etc. The electronic device includes, but is not limited to, a dedicated chip, an FPGA, etc. configured to perform the above methods according to actual performance requirements.
The electronic device may be a single computer device, or a service system based on a cloud architecture, or the like. Wherein the single computer device may be an autonomously configured computer device that may perform the methods of the present application, which may be located in a private machine room or in a rented machine location in a public machine room. The Cloud architecture Service system comprises a Public Cloud (Public Cloud) Service end and a Private Cloud (Private Cloud) Service end, wherein the Public or Private Cloud Service end comprises Software-as-a-Service (Software as a Service, abbreviated as SaaS), platform-as-a-Service (Platform as a Service, abbreviated as PaaS), infrastructure-as-a-Service (Infrastructure as a Service, abbreviated as IaaS) and the like. The private cloud service end is, for example, an ali cloud computing service platform, an Amazon (Amazon) cloud computing service platform, a hundred degree cloud computing platform, a Tencel cloud computing platform, and the like.
According to the hardware device for actually running the above methods, each device constituting the electronic device may be located on a single server, or located in a plurality of servers and completed cooperatively by data communication between the servers.
For this purpose, the interface device is connected to the processing device in a data manner, which can be connected via a bus or can be data-transferred via a communication network. To this end, the interface means include, but are not limited to, a network card, a mobile network access module, a bus interface connected to the processing means via a bus, etc. For example, the interface device of the corresponding second computer system is communicatively connected to the interface device of the first computer system, the interface device of the user equipment, and the like. The interface devices communicate data through the Internet, a mobile network and a local area network.
The storage device is used for storing at least one program capable of executing any one or more of the methods. The storage means corresponding to the same electronic device may be located on the same physical server as the processing means or in different physical servers and the program is transferred to the processing means running the program via the interface means of the respective servers. The storage may include high-speed random access memory, and may also include non-volatile memory, such as one or more disk storage devices, flash memory devices, or other non-volatile solid-state storage devices. In some embodiments, the memory may also include memory remote from the one or more processors, such as network-attached memory accessed via RF circuitry or external ports and a communication network (not shown), which may be the internet, one or more intranets, a Local Area Network (LAN), a wide area network (WLAN), a Storage Area Network (SAN), etc., or suitable combinations thereof. The storage also includes a memory controller that can control access to memory by other components of the device, such as the CPU and peripheral interfaces. Among other software components stored in the storage device include an operating system, a communication module (or instruction set), a text input module (or instruction set), and an application (or instruction set).
The processing device is operatively coupled with the storage device. More specifically, the processing apparatus may execute programs stored in the memory and/or the nonvolatile storage device to perform operations in the task platform. As such, the processing device may include one or more general purpose microprocessors, one or more application specific processors (ASICs), one or more field programmable logic arrays (FPGAs), or any combinations thereof. Wherein, the plurality of CPUs contained in the processing device can be positioned in the same entity server or distributed in a plurality of entity servers, and realize data communication by means of the interface device so as to cooperatively execute the steps of each method.
Referring to fig. 2, a flow chart of a data query method in one embodiment is shown. The data query method involves the steps executed by the second computer system, the steps executed by the first computer system and the steps executed by the third computer system. The first computer system is configured with a first data query system, the second computer system is configured with a second data query system, and the third computer system is configured with a third data query system, wherein each data query system is a software system running in a corresponding computer system.
According to the foregoing examples of the respective scenarios, the computer system that performs the relevant steps of the method may also be other computer systems that can perform the relevant steps, and is not limited to the computer system shown in the present embodiment; accordingly, each software system may be configured in a split or combined manner in an entity computer system that performs the corresponding steps, and are not illustrated herein.
In step S110, the second data query system transmits at least one query service based on a query requirement of a target user.
Wherein the target user is a provider of sensitive data, which may be a person, an enterprise, etc. For example, the target user is a borrower who applies for a loan. The second data query system aims at obtaining a query result of a corresponding target user by using a network architecture constructed by the hardware system illustrated in fig. 1 under the condition that sensitive data of the target user are not provided, and further performing evaluation of the corresponding query requirement by using the query result. Here, the query requirement is generated by the target user applying in an offline or asynchronous manner. Wherein the query requirement comprises: loan amount assessment requirements generated for lending purposes, etc., personal credit assessment requirements generated for contractual purposes, etc.
To this end, the second data query system generates at least one query service based on the query requirement. Wherein the query traffic is related to mathematical calculations describing the requirements of the query. For example, in order to determine that a loan within ten-thousand-yuan of the interval [ a1, a2] can be issued to a target user in the demand for inquiring the loan amount, a mathematical calculation including comparing the loan balance of each loan institution with the loanable amount of the target user is constructed. Correspondingly, the query service comprises: query business for querying the loan balance of a target user in a plurality of loan institutions. For another example, still taking the inquiry requirement of loans as an example, the inquiry requirement includes statistics of the number of loans, and to determine the historical number of loans of the target user, a mathematical calculation including a summary of the number of loans of each loan organization needs to be constructed. Correspondingly, the query service comprises: query business for querying the number of loans of a target user in a plurality of loan institutions.
The inquiry service comprises information to be inquired and an inquiry request subjected to first encryption processing. The information to be queried refers to information related to the type of the query result, which is required to be acquired from a data source in order to execute mathematical computation. Examples of the information to be queried include: loan times, loan balances, loan balance mean and variance, personal belief-loss times, refund reason statistics, and the like.
In addition, in order to remove the sensitive data about the target user, the query service is further provided with a query request corresponding to the target user. The query request is used to indicate the location of the target user in a user group. The user groups are uniformly arranged in at least the second data query system and the third data query system. In other words, the second data query system and the third data query system are preconfigured with the order of the individual user information in the user group. In some examples, the registered users are divided into a plurality of user groups with the same size in a preset manner, so long as the grouping scale is large enough, the grouping mode can achieve the purpose of stealth sensitive data, and the design is a trade-off between efficiency and privacy. For example, suppose there are N registered users, which are divided into several groups, each group having a size of Ng. For a registered user with identity u, the first data query system may assign a unique tuple (gid u ,pid u ) And share to other data query systems. Wherein gid u Is a group id, pid u Is the location of the user in the group. It is obvious thatAnd 0.ltoreq.pid u <N g
In some specific examples, the user group may be a default group, e.g., the user group is all users registered in the second data query system and updated to the third data query system by synchronous or asynchronous. In yet other specific examples, the second data query system divides the registered users into a plurality of user groups and distinguishes the user groups based on the number (e.g., gid) of each user group by updating to the third data query system synchronously or asynchronously. For this reason, in the case that the user group is plural, the query service further includes user group information in which the target user is located.
The sequence of the user information in the same user group is consistent in the second data query system and the third data query system. Or the sequence of the user information in the same user group is corresponding to the second data query system and the third data query system. In some more specific examples, the correspondence is configured on the first data query system side, and the first data query system converts the order of each user in the user group provided by the second data query system into the order of each user in the user group required by a certain third data query system according to the correspondence.
The query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group. Wherein the query request comprises at least one-dimensional sub-query request, wherein each one-dimensional sub-query request comprises a plurality of sub-query elements. The locations of users in the user group may correspond to the locations of the sub-query elements in the query request in the respective dimensions. Here, in order to remove the sensitive data of the target user, taking 0 and 1 as an example to represent non-target users and target users in the user group, the user group includes 12 users, where the 4 th user is the target user, the plaintext of the query request may be represented as {0,0,0,1,0,0,0,0,0,0,0,0}, and the one-dimensional sub-query request is represented by encrypting the plaintext of the query request by using the first encryption process: { E (0), E (0), E (0), E (1), E (0), E (0), E (0), E (0), E (0) }; or encrypting the plaintext of the query request to obtain a two-dimensional sub-query request, which is expressed as: { { E (0), E (1), E (0), E (0) }, { E (1), E (0), E (0) }. E (0) and E (1) in the sub-query requests of each dimension are sub-query elements.
Here, the first mathematical calculation performed on the query request after the first encryption processing for obtaining the query result has an effect equivalent to the second mathematical calculation performed on the plaintext of the query request, so that each data query system participating in the data query can obtain the query result of the corresponding target user by the query request after the first encryption processing. In some examples, the first encryption process is set based on homomorphic encryption. For example, the first encryption processing mode is based on a formulaWhile E (0) and E (1) in the previous example correspond to x here 1 ,x 2 Cases 0 and 1; r is a random number; g and n are public keys of a first encryption processing mode; the first encryption processing mode in this example has an addition homomorphism: e (x) 1 )E(x 2 )=E(x 1 +x 2 ) And multiplication homomorphism: /> It can be seen that performing a multiplication with the first encrypted query request is equivalent to an addition of plaintext, and performing an exponential multiplication with the first encrypted query request is equivalent to a multiplication of plaintext. It should be noted that the first encryption method is not limited to the homomorphic encryption algorithm provided by the formula, and other encryption algorithms with homomorphic properties are also suitable for this purpose.
The query requests described based on the above examples may be represented by a one-dimensional array. If the number of users in the user group is too large, the number of the query requests is too large, which is disadvantageous for data communication. To this end, in some other examples, the locations of users in the user group are described by a multi-dimensional query request. For example, the user group contains 12 users, of which the target users are the fourth, and the manner in which the fourth target user (the first column of the second row) in the user group is described by using the two-dimensional query request (4×3) is exemplified by { { { q (0), q (1), q (0), q (0) }, { q (1), q (0), q (0) }, whereby it can be seen that the 12 one-dimensional query requests are converted to be described by 7 two-dimensional query requests. By the two-dimensional example popularization, the query request is set to be a multi-dimensional sub-query request according to the minimization of the data transmission quantity. For example, the number of users in the user group is 1000, the dimension of the query request is set to three dimensions (10 x 10), a total of 30 query element descriptions are required.
In order to perform a data query using the first encryption algorithm, the query request may mark one or more target users in the user group. In order to perform fast calculation by using the multidimensional space constructed by the query request, only the user corresponding to one position in the space is marked as the target user in the query request, namely, the sub-query element corresponding to each dimension of one spatial position in the multidimensional space constructed by the query request is a value 1 subjected to the first encryption processing, and the sub-query elements corresponding to each dimension of the rest of spatial positions are a value 0 subjected to the first encryption processing.
In some examples, the second data query system sends the generated at least one query service to the third data query system to obtain a query result of the target user at the third data query system. In still other examples, the second data query system sends the generated at least one query service to a first data query system, and the first data query system may forward the query service based on a preset plurality of data sources, or forward the query service according to at least one data source specified in the query service, and obtain a query result of a corresponding target user fed back by a third data query system in the plurality of data sources.
Taking the example that the first data query system receives the query service, in step S210, the first data query system receives at least one query service sent by the second data query system, and forwards the query service to a third data query system including a corresponding data source, so that the third data query system executes step S320.
Taking the example that the third data query system receives the query service, in step S310, the third data query system receives at least one query service sent by the second data query system, and performs step S320.
In step S320, the third data query system obtains a query data set of the user group where the target user is located according to the information to be queried.
The third data query system reads the query data set corresponding to the whole user group from the database according to gid of the user group and information to be queried. In some examples, the information to be queried corresponds to data items in a database, and the step includes reading a first query data set corresponding to the user group in the database according to the data items corresponding to the information to be queried in the database, and taking the first query data set as the query data set. For example, the information to be queried is a loan balance, and the database of the third data query system includes data items of the loan balance, and the third data query system reads the query data set of the corresponding user group in the database.
In still other examples, the third data query system needs to determine a corresponding data item in the database according to the information to be queried, and pre-process the first query data set according to a pre-processing mode of the data item in the information to be queried to obtain a second query data set, and uses the second query data set as the query data set obtained according to the information to be queried and the user group. For example, the information to be queried is whether a loan exists or not, and the third data query system reads the first query data set of the user group according to the data item of the loan balance, and performs preprocessing according to the condition that the loan balance is larger than 0 and the loan exists, so as to obtain the second query data set of the loan exists in the user group. For another example, the information to be queried is the square of the loan balance, and the third data query system reads the first query data set of the user group according to the data item of the loan balance, and performs preprocessing according to the formula of the square of the loan balance to obtain the second query data set of the square of the loan balance in the user group.
In other examples, the step includes the step of subjecting each of the query data sets to a second encryption process, and using the second encrypted query data set as the query data set for subsequent processing. In some specific examples, according to the description of the information to be queried, the third data query system performs a second encryption process on the plaintext of each query data read from the database, thereby obtaining a promised value of the plaintext of the query data, and forming a query data set from the promised value. In still other specific examples, according to the description of the information to be queried, the third data query system performs preprocessing on the plaintext of each query data read from the database, and performs second encryption processing on the preprocessed query data plaintext, thereby obtaining a promised value of the preprocessed query data plaintext, and forming a query data set from the promised value. In order to facilitate the second data query system to calculate the promise value, so as to obtain the data processing requirement of equivalently calculating the query data plaintext corresponding to the promise value, the second encryption processing is also a homomorphic encryption mode.
For example, a second encryption method based on homomorphic encryption is: given two large prime numbers p and q such that q|p-1, assume G q Is Z p Is a q-order subgroup. Let G and h be G q And record the commitment function as F (x, r) =g x h r mod p, where x ε Z q Is a promise value, r is at Z q A commitment random number selected randomly. Wherein F (x) may be abbreviated as F (x, r). Here, the resulting commitment function F is additive homomorphic: given two commitments c 1 =F(x 1 ,r 1 ) And c 2 =F(x 2 ,r 2 ) Can obtainI.e. c 1 c 2 Is x 1 +x 2 Is a promise of (a). The random number in the commitment masks the committed value, so the commitment of x does not show any information about the value of x.
In step S330, the third data query system obtains the query result corresponding to the target user from the query data set according to the first encrypted query request and feeds back the query result.
The third data query system performs operation processing on the query request subjected to the first encryption processing and the query data set according to the operation mode corresponding to the first encryption processing and the query request of each dimension, so as to extract a query result corresponding to the target user.
Here, according to the situation that each query data in the actual query data set may be partially or completely empty, partially or completely 0, or partially or completely a numerical value (or character string, etc.) not equal to 0, etc., before extracting the query result of the target user according to the dimension of the query request, it is determined whether the query data set is empty.
In some examples, the query data set for the user group queried by the third data query system is null. For example, all users in the user group have no loan balance recorded at the loan institution where the third data query system is located. In some specific examples, the third data query system feeds back a null value (null) to the second data query system as a query result of the corresponding target user, or feeds back the null value to the second data query system via the first data query system. In still other specific examples, to avoid the occurrence of a plaintext query result, the step S330 includes: taking the preset value corresponding to the empty as a query result corresponding to the target user; and carrying out first encryption processing on preset values for preset times by using the first encryption processing query request to obtain a query result corresponding to the target user.
For example, a preset null value pairAnd the value 0 is obtained after the first encryption processing, and is taken as the query result corresponding to the target user. For another example, the preset null value corresponds to a value (e.g., E (0)) obtained by performing the first encryption processing on the value 0, and the value is used as a query result corresponding to the target user; for another example, according to the dimension d of the query request, the preset null value corresponds to a value obtained by performing d times of first encryption processing on the value 0 (e.g d (0) As a query result corresponding to the target user.
In yet another example, when the query data set includes at least one query data, the step S330 includes: and calculating the query request subjected to the first encryption processing and the query data set based on the operation mode corresponding to the first encryption processing mode.
The third data query system extracts query data of a corresponding target user in the query data set by using the query request under a space constructed based on the dimension of the query request.
Taking the dimension of the query request as one dimension as an example, the third data query system uses the formula as followsIndex calculation is carried out on each sub-query element in the query request and the corresponding query data, wherein x is i A is the plaintext of sub-query element, a i To correspond to x i Plaintext or commitment value of the query data. When the plain text of the sub-query element is 0, the corresponding sub-query element is E (0), and E (0×a) is obtained according to the above formula i ) I.e., E (0); when the plaintext of the sub-query element is 1, the corresponding sub-query element is E (1), and E (1×a) is obtained according to the above formula i ) E (a) i ). The third data query system feeds back query data II E (x) i a i )=E(a i ). The query data is a query data plaintext or a promise value stored in a database.
Taking the dimension of the query request as a multi-dimension example, the step S330 includes: based on a space constructed by the i-th dimension sub-query request and the sub-query requests of the remaining dimension, corresponding each query data in the query data set to a position representing the space; calculating each sub-query element in the corresponding ith dimension in the space and corresponding query data by utilizing the operation mode to obtain a new query data set projected in the ith dimension; repeating the above process by using a new space constructed by the (i+1) dimension sub-query request and the sub-query request with the remaining dimension and a new query data set until all dimensions are traversed to obtain a query result of a corresponding target user; wherein 0<i is less than or equal to d, and d is the total number of dimensions.
The space is used for assisting in explaining the corresponding relation between the sub-query elements and each query data in the query data set, and the space can be expressed in the form of a memory opened in the execution process of a computer or can provide a logical mapping relation based on the instructions of the computer program. In some specific examples, the space constructed based on the i-th dimension sub-query request and the sub-query requests with the remaining dimensions expands the multi-dimension sub-query requests along the i-dimension to construct a space matrix, and corresponds each query data to the space matrix according to the serial number of each query data in the query data set. In other specific examples, the location of the query dataset in the space is derived using a formula:
row_len=m * /m i
A kind of electronic device with high-pressure air-conditioning system
Wherein m is i A length of the space in the i-th dimension determined based on a number of sub-query elements in the i-th dimension in the set of query requests; m is m * Is the capacity of the space; row_len is the capacity of the remaining dimension;sequential numbering of the jth query data in the query data set; r andc is the position of the jth query data in the space, respectively.
The third data query system performs the following operations by using the correspondence between the sub-query elements and the query data determined by the space constructed by any one of the above steps: respectively calculating each non-empty query data of the r line in the space and the r sub-query element of the i dimension by using a first operation item in an operation mode to obtain each calculation result of the corresponding r line; and aggregating the calculation results of the c-th row in the space by using a second operation item in the operation mode to obtain a new query result set; where r and c represent the locations of the query data in space. Wherein, utilizing the operational characteristics of the first encryption process, E (x) E (y) =E (x+y), E (x) is generated by the homomorphic encryption process y The above calculation is performed for the operational characteristics of =e (xy), resulting in a new query result set.
And repeating the process by using a new space constructed by the (i+1) th dimension sub-query request and the sub-query requests of the remaining dimensions and a new query data set until all dimensions are traversed, and obtaining a query result of a corresponding target user.
Taking the example that Ng registered users in a group, not all people borrow money from the same lender, especially some small loaners, the array of borrower information may be very sparse because each lender Si only needs to store its own borrower information. For example, if only 1/10 of the people borrow money from a lender, the sparsity (i.e., the proportion of empty terms) of most lender groups will exceed 0.9. Sparsity is used to accelerate the PIR process, i.e., skip empty entries when generating results.
Specifically, for a sparse query result set A with m terms, it is assumed that m 'terms are not empty (this represents m=Ng, and only m' users in the group borrow from the lender 1 :a 1 ,ind 2 :a 2 ,…,ind m′ :a m′ }, each of which (ind) j :a j ) (1. Ltoreq.j.ltoreq.m') is the index versus value pair. Each ind j Corresponding to one pid, each a j Corresponding to some x ib Is of the order of (a)And (5) no. This step recursively performs the extraction process and exploits the sparsity of the array to improve performance. Intuitively, for an array a of size m, if one wants to extract the entries of the position ind, one can first aggregate each row_len entry into a group and consider the array as a row_lenx (m/row_len) matrix. Next a x ind ]Is calculated as (r, c) and row r is extracted. This process is then applied recursively to extract the c-th item of the extracted line. The empty term is skipped to reduce computational overhead and finally the algorithm returns the extracted term. The computational complexity is proportional to the number of non-empty terms (i.e., the number of registered users borrowing funds from the borrower).
The algorithm based on the above example is described as follows:
Input:The query ,the query dimension d,and the sparse array/dataset
A={ind 1 :a 1, ind 2 :a 2 ,...,ind m′ :a m′ }.
Output:The cipertext of the queried item.
taking the dimension of the query request as a two-dimensional example, please refer to fig. 3, which shows an example in which the dimension of the query request is 2-dimensional, wherein the query request is: q= { q 11 ,q 12 ,q 13 },{q 21 ,q 22 ,q 23 ,q 24 }, wherein q ij For the ith and jth sub-query elements, each sub-query element corresponds to 0 or 1 subjected to the first encryption processing, in other words, each q ij Is q= { { q 11 ,q 12 ,q 13 },{q 21 ,q 22 ,q 23 ,q 24 } = { { { E (0), E (1), E (0) }, { E (0), E (0), E (1), E (0) }. First dimensionSub-query request { q 11 ,q 12 ,q 13 Sub-query requests { q } and the remaining dimension (i.e., the second dimension) 21 ,q 22 ,q 23 ,q 24 The space P1 constructed is shown in FIG. 3; the third data query system queries the data set { NA, x } 2 ,NA,x 4 ,x 5 ,NA,NA,x 8 ,x 9 ,x 10 NA, according to the spatial position provided by the space P1, sequentially corresponding each value in the query data set to each spatial position according to a preset sequence, NA represents that the query data is empty, please refer to FIG. 4, which shows a schematic diagram of the correspondence between the query request and the query result set shown in FIG. 3, wherein q 11 Sub-query element corresponds to array { NA, x 2 ,NA,x 4 };q 12 Sub-query element corresponds to array { x } 5 ,NA,NA,x 8 };q 13 Sub-query element corresponds to array { x } 9 ,x 10 NA, NA }. Wherein, according to the sub-query element q representing the number 1 in the query request q 12 And q 23 The query data corresponding to the target user is the 7 th data NA in the query data set at a position in space.
Calculating the values of each sub-query element and the corresponding array according to the formula E y =e (xy), wherein for query data marked as empty (NA), the third data query system skips processing to obtain a calculation result as shown in fig. 5, and performs aggregation processing on each calculation result along the first dimension direction according to the formula E (x) E (y) =e (x+y) to obtain a new query data set (E (a) 21 ),E(0),NA,E(a 24 ) And), wherein a 21 Corresponds to x 5 ,a 24 Corresponds to x 8
Sub-query request { q in accordance with second dimension in query request q 21 ,q 22 ,q 23 ,q 24 One-dimensional space constructed, new query data sets (E (a 21 ),E(0),NA,E(a 24 ) Repeating the above process to obtain a query result E (0) of the corresponding target user.
Taking the dimension of the query request as a three-dimensional example, please refer to fig. 6, which shows the dimension as the dimension of the query requestIs a 3-dimensional example, in which the query request is: q= { q 11 ,q 12 ,q 13 ,q 14 },{q 21 ,q 22 ,q 23 },{q 31 ,q 32 }, wherein q ij For the ith and jth sub-query elements, each sub-query element corresponds to 0 or 1 subjected to the first encryption processing, in other words:
q={{q 11 ,q 12 ,q 13 ,q 14 },{q 21 ,q 22 ,q 23 },{q 31 ,q 32 }}={{E(0),E(0),E(1),E(0)},{E(0),E(1),E(0)},{E(1),E(0)}}
Wherein the first dimension sub-query requests { q 11 ,q 12 ,q 13 ,q 14 Sub-query requests { q } and the remaining dimensions (i.e., second and third dimensions) 21 ,q 22 ,q 23 },{q 31 ,q 32 The space P1 constructed is shown in FIG. 6; the third data query system queries the data set { NA, x } 2 ,NA,x 4 ,NA,NA,NA,NA,NA,NA,NA,NA,x 13 ,x 14 ,x 15 NA, NA, NA, NA, NA, NA, NA, NA, NA, according to the spatial positions provided by the space P1, sequentially corresponding the values in the query data set to the spatial positions in a preset order, please refer to fig. 7, which shows the correspondence relationship of the query data set to the spatial positions in the space P1 shown in fig. 6, namely q 11 Sub-query element corresponds to array { NA, x 2 ,NA,x 4 ,NA,NA};q 12 Sub-query element corresponds to array { NA, NA, NA, NA, NA, NA }; q 13 Sub-query element corresponds to array { x } 13 ,x 14 ,x 15 ,NA,NA,NA};q 14 The sub-query elements correspond to the array NA, NA, NA, NA, NA, NA. Wherein, the sub-query element q is represented by the number 1 in the query request q 13 、q 22 And q 31 The query data corresponding to the target user is the 15 th data x in the query data set at the position in the space 15
According to formula E (x) y For the query data marked as Null (NA), the third data query system skips the process to obtainThe calculation results shown in fig. 8, and the calculation results are aggregated along the first dimension direction according to the formula E (x) E (y) =e (x+y), to obtain a new query data set (E (a) 31 ),E(a 32 ),E(a 33 ) E (0), NA, NA), wherein a 31 Corresponds to x 13 ,a 32 Corresponds to x 14 ,a 33 Corresponds to x 15
Sub-query request { q in accordance with second dimension in query request q 21 ,q 22 ,q 23 Sum of the remaining sub-query requests { q } 31 ,q 32 Two-dimensional space constructed, new query data sets (E (a 31 ),E(a 32 ),E(a 33 ) The above procedure is repeated for a new query dataset of (E (0), NA) as (E (a 33 )),E(E(0)))。
According to formula E (x) y For the query data marked as Null (NA), the third data query system skips the process to obtain the calculation result shown in fig. 9, and aggregates each calculation result along the second dimension direction according to the formula E (x) E (y) =e (x+y) to obtain the query result E (a) 33 ))). The query result of the target user is query data x subjected to three times of first encryption processing 15
Based on the above example and generalized to a higher dimension query request, the query result is one of at least one query result derived based on the dimension of the query request. In other words, the generated query result has one of a plurality of query results obtained based on the dimension based on the possibility that the set of query results obtained in the third data query system includes a space in a certain dimension. In addition, if the query data of the target user in the third data query system is Null (NA), according to the actual design requirement, a query result unrelated to the dimension or a query result related to the dimension can be obtained.
In some scenarios, when the third data query system skips over a null item in the array, the second data query system may infer by comparing the random number in the query to the result ciphertextAdditional information about the array. Referring to the 3×4 array shown in fig. 10 and 11, in which all items in fig. 10 are non-empty, column 3 in fig. 11 contains only the queried item a 23 . With respect to fig. 10, when the third data query system extracts the second row,wherein x is ij =0 or 1, obtain However, with respect to FIG. 11, when the third data query system extracts the second row, it obtains Thus, the second data query system receives E (E (a 23 ) After first decrypting the outermost encryption and obtaining E (a) 23 ). Then by comparison +.>And->The recipient can infer whether column 3 contains other non-empty items.
In other scenarios, the second data polling system may infer additional information by checking whether decryption returns 0. For example, the query of FIG. 12 returns E (E (0)). This is because a23 is empty and skipped. Similarly, the query of FIG. 13 returns E (0 1 ) Wherein 0 is 1 Is a 0 string of length equal to the ciphertext length (e.g., 2048 bits for a Paillier with 1024-bit private key). Fig. 14 shows a completely empty array, we set 0 as output (line 19 in algorithm 1). In format, for a d-dimensional query to extract term e, there are d+2 possibilities for the result of algorithm 1: 0, E (0) d-1 ),E 2 (0 d-2 ),....,E d-i (0 i ),....,E d-1 (0 1 ),E d (0),E d (e) Wherein E is i (·)=E(E i-1 (-) and 0 i Is with E (0) i-1 ) 0 strings of identical length. Although these ciphertexts have the same length, they can be decrypted and their type found. Thus, different types of arrays result in different types of outputs, which show additional information of the array. When the second data query system obtains a response from the third data query system, decryption is performed at most d times to obtain plaintext. During decryption, the second data polling system may encounter ciphertext or a 0 string. As can be seen from the above, the third data query system further represents query data of the target user to be queried information subjected to at least one first encryption process.
In order to prevent the query results of the target user and other users in the user group from being back-pushed and revealed, in the performing the iterative process, the third data query system further performs the following steps: adding each query result in the new query result set to the first noise data, repeating each process using the new space constructed by the (i+1) -th dimension sub-query request and the remaining dimension sub-query request, and adding the new query data set of the first noise data. The first noise data may be data obtained by performing a first encryption processing on the value 0. For example, each query result E (a) in the query dataset is expressed by the formula E (x) E (y) =e (x+y) 33 ) Multiplying E (0) to obtain a query result containing first noise data, namely E (E (a) 33 ))E(0)=E(E(a 33 )+0)。
In yet other specific examples, to avoid the first data query system obtaining query results for which the target user has a null in the third data query system; wherein the value represented as null may be the number 0.
In step S340, the third data query system feeds back the obtained query result of the corresponding target user according to the obtained query service.
In some examples, the third data query system feeds back query results to the first data query system. In still other examples, the third data query system feeds back query results to the second data query system.
It should be noted that, the data query method provided by the third data query system is not limited to the query method for loan application. The target users, user groups, and respective corresponding query data (sets) should be adapted to the respective application scenario for adaptation. In some descriptions that are more generic to database queries, the target user may correspond to a target object and the group of users may correspond to a group of objects. The target object corresponds to a first data item which can be stored in the database, and the query result is a second data item which is stored in the database and has an association relation with the first data item set based on the index or data which is preprocessed based on the second data item. The group of objects may be considered a query scope, which may also be exemplified by a time scope, an index scope, a condition scope, etc. For example, in the query business of productivity index evaluation, environment index evaluation and the like of government supervision enterprise production, the data query mode can be utilized to obtain the production index information in the enterprise self production index database for evaluation under the condition of no leakage of production operation conditions. In another example, when the movie box office is counted, the actual ticket selling situation for a certain movie can be obtained for counting by utilizing the data query mode under the condition that the operation condition of the cinema is not revealed. For another example, when the multi-e-commerce platform selects the warehouse, the data query mode can be utilized to acquire the data aiming at the consumption area for statistics and the like under the condition of not leaking the order information of each e-commerce platform. It follows that terms provided in the data query means provided by the third data query system (e.g., target users, user groups, etc.) should be understood broadly without limiting the query traffic generation, subsequent processing of the query results.
Taking the case that the third data query system feeds back the query result to the first data query system, the first data query system obtains the query result provided by at least one third data query system (i.e. data source):
in step S220, the first data query system fuses the query results corresponding to the target user and the information to be queried obtained from at least one third data query system according to the query service, and feeds back the query results to the second data query system.
The first data query system collects query results fed back by each third data query system according to the query service, and fuses the query results together so as to provide complete query results for the second data query system. Correspondingly, the second query system executes step S120 to obtain a query result of the corresponding target user according to each query service.
In some examples, to confirm that the query results summarized from the data sources are consistent with the verification data provided by the target user, the first data query system further performs the steps of: generating second noise data; scrambling each query result from each data source and the second noise data to obtain a scrambling result; acquiring verification data generated based on the query service and a random number from a target user; obtaining verification data based on the random number and the second noise data; and sending the disturbing result, the check data and the verification data to a second data query system. The second noise data may be a random number, for example, the second noise data is a value 0 or a promise value of the value 0 obtained by at least one first encryption process.
In one aspect, the first data query system performs scrambling processing on the fused query result and the second noise data according to a differential privacy technique. On the other hand, the first data query system acquires verification data corresponding to the information to be queried, which is provided by the target user. The verification data is a summary of query results of each data source, for example, a summarized promise value of query data plaintext of each data source. The first data query system transmits the collected scrambling result, verification data, and verification data to the second data query system.
Taking a loan scenario as an example, wherein the third data query system may be considered a lender, the first data query system may be considered a proxy, and the second data query system may be considered a querier. Query at a third data query systemAfter the results are sent to the first data query system, the first data query system generates a noisy PIR response (i.e., the second noisy data) to make it impossible for the initiator to distinguish what type of output the second data query system sent. Other possible output lengths are equal than 0. In order to prevent the first data query system from learning additional information from the output, the third data query system uses E when the output is 0 d (0) And replacing the output. The first data query system then generates second noise data. Ciphertext of 0 character string, i.e. E (0) d-1 ),E 2 (0 d-2 ),....,E d-i (0 i ),....,E d-1 (0 1 ),E d (0) May be generated directly by the first data querying system using the public key of the second data querying system. But in order to hide the amount of promised ciphertext, i.e. E d (e) Where E is the commitment, the first data querying system generates a commitment of 0, i.e., F (0), which is then encrypted as E d (F (0)). Since the second data query system cannot distinguish the commitment of 0 from other commitments, it cannot be determined whether the commitment is from the first data query system or the third data query system as long as the noise generation algorithm achieves strong privacy. Meanwhile, since the second noise data is a ciphertext of 0 or F (0), the result of the consistency check is not affected. Specifically, the first data query system adds Laplace noise to achieve differential privacy [31 ]]. For i=1, 2.,. D, if the format is E d-i (0 i ) The type of response is a type i response. Furthermore, if the response is the promised ciphertext E d (F (x)), the type of response is a type 0 response.
Assume that a first data query system gathers n i The number of types i (i=0, 1, d) response. If the first data query system generates An individual type i noise response, wherein, for each i,/>And mixes it with the response from the lender, the first data query system causes each thirdThe type of response of the data querying system to the second data querying system implements (epsilon, delta) differential privacy, wherein +.>And->
The above description procedure shows that: if the first data query system adds an appropriate amount of noise, the second data query system cannot infer the type of response sent by each third data query system. Note that the above theorem considers the case where the second data inquiry system inquires the target user information only once. However, sometimes the second data querying system may query information of a particular target user multiple times (e.g., the target user may borrow money from the initiator multiple times). In order to still achieve (epsilon, delta) differential privacy in this case, the privacy budgets epsilon and delta can be split up each time. Specifically, the first data querying system distributes the budget evenly to k queries, such that each query individually implements (ε/k, δ/k) differential privacy.
After receiving the disturbing result, the verification data and the verification data, the second data query system executes step S130 to perform consistency verification on each obtained query result and the verification data provided by the target user.
The second data query system extracts each query result from the scrambled data, calculates the summary of each query result according to a preset ciphertext operation or plaintext operation, and compares the summary with the check data to determine whether the summary is consistent with the check data or not. For example, the check data and the query result are generated by a second encryption processing mode, and ciphertext operation which can be equivalent to plaintext consistency check is performed by using an operation mode corresponding to the second encryption processing, so as to obtain the summary of each query result; and then, according to the operation mode corresponding to the second encryption processing, whether the check data is consistent with the summary or not is checked.
In some examples, each query result extracted from the scrambled result by the second data query system is a query result obtained by d times of first encryption processing, so that the second data query system also performs decryption processing to obtain query data; and verifying that the obtained query data and the verification data are consistent based on the verification data.
The second data query system performs decryption processing on each query result d times according to the dimension of the generated query request to obtain query data fed back by each data source, calculates the verification data and the summary according to an operation mode corresponding to the second encryption processing, and if the obtained calculation result is consistent with the verification data, the verification data and the summary are consistent, otherwise, the verification data and the summary are not consistent.
The process of consistency check is described in a loan scenario example:
for each query result, the agent (first data query system) generatesNoise response of type i, where Meanwhile, the agent samples a random integer +.>And generate n 0 Commitment F (0, r) 1 ),F(0,r 2 )……F(0,r n ). Then proxy calculates +.>And encrypts promise to get n of type 0 0 And (5) responding. Finally, the agent mixes these responses with the responses (first noise data) collected from the borrower (third data querying system).
For each Si (third data query system), borrower b (target user) calculatesIn addition, the borrower generates the borrowerPromise of the sum of money c b =F(∑x ib ,r B ). The borrower will then select Deltar B =r B -∑r i Send to agent and send c b And sent to the initiator (second data query system) through the agent.
The proxy scrambles the response and calculates Δr= Δr B -r F The response and Δr are then sent to the initiator.
The initiator initializes the empty set C and decrypts the response. If the response type is a type 0 response, the originating direction C adds the promise contained in the response. Finally, if c b =h △r Proxy computingAnd a check is performed.
When the second data query system determines consistency, the second data query system further executes step S140, namely, performs evaluation calculation corresponding to the query requirement based on each query result when the consistency is met.
In accordance with the query requirements mentioned herein, in some examples, the query requirements include at least one of: the requirements generated by the target user based on the summation or statistics are queried and summarized. For example, the second data query system may evaluate the loan qualification applied by the target user based on a summary of the obtained query results. For example, if the number of loans exceeds the preset number of loans threshold based on the summary, the target user is assessed to not have the qualification to continue the loan. For another example, if the sum determines that the loan balance is less than the preset loan balance threshold, the target user is evaluated to be available for loan.
In still other examples, the query results to which the query requirement relates risk being compromised by the first data query system or the second data query system. For example, to evaluate whether the loan balance of the querying target user is within the query requirement within the preset interval, the second data query system needs to obtain the sum of the query results of the data sources. To prevent the sum of the query results mentioned in the above example and generalize to the summary of other query data with the possibility of being back-pushed out of plaintext by the second data query system, the step S140 includes: acquiring data to be evaluated provided by a target user and proving information corresponding to the data to be evaluated based on the query requirement; verifying that query data in the obtained query result and data to be evaluated accord with a preset corresponding relation based on the proving information; and after the verification is passed, carrying out evaluation calculation corresponding to the query requirement based on the obtained query results and the data to be evaluated.
The second data query system obtains data to be evaluated for evaluation calculation and proving information corresponding to the data to be evaluated from a target user according to query requirements. Wherein the attestation information is a sequence of values generated based on the data to be evaluated and the summary, the attestation information being generated, for example, using a zero knowledge attestation algorithm. The second data query system determines that the summary of the data to be evaluated provided by the target user and the query result has a predicted corresponding relation based on verification calculation constructed by zero knowledge proof, so the data to be evaluated provided by the target user is credible. For example, variance calculations are performed based on query requirements, e.gWherein (1)>Is based on a summary of the consistency-confirmed query results, (Σx) i ) 2 Is the data to be evaluated (also the promise value) which needs to be obtained from the target user side. The second data query systems are respectively under the condition of being respectively confirmed by the promise F (x i ) And->The two promise values obtained on the two data sets are respectively recorded asF 0 =F(∑x i ) Wherein, in calculating->F in (F) 0 The sigma x needs to be known when calculating the square i Instead, the step adopts the method that the target user sends the promise F of squaring the total balance 2 =F((∑x i ) 2 ) And its certification information, such as a sequence of values based on a zero knowledge proof algorithm, etc. By verifying the certification information, certify F 2 The promise is indeed F 0 Square of promise, then in the evaluation calculation containing variance, the variance can be calculated as +.>Using the resulting variance, a statistical evaluation of the target user, e.g., loan fluctuations, may be performed.
The method for obtaining the data to be evaluated provided by the target user by the certification information can also be used for comparing whether the loan balance of the target user is in a preset interval or not so as to evaluate the judgment of the subsequent loan amount of the target user. Generalizing to a broader scenario based on the loan example described above, the query requirement may also be at least one of: inquiring and summarizing whether the inquiry data of the target user is in a preset interval or not, and inquiring and summarizing fluctuation of the inquiry data of the target user.
Summarizing the above evaluation schemes, the second data query system may obtain a query result in the following format:
where θ is a public parameter, t is a private input known only to the second data querying system, b is the borrower identity (i.e., target user) that should not be revealed to the third data querying system, x ib Is private data of the target user b and each third data query system Si, and f is a function cooperatively executed by the target user and the second data query system. For example, in the loan stacking problem, x ib Is the borrowing amount of Si borrowing the target user b, t can be the private threshold of the initiator for the target user, and f is the return t andis a function of the comparison result of (a).
Based on the descriptions of the above examples, the data query system formed by the first data query system, the second data query system and the third data query system provides the processing procedures of safe data query, consistency assessment and business assessment based on query results. It should be noted that, the foregoing examples merely describe the data processing procedure of each data query system, and according to the actual application scenario, some of the functions in the first data query system may be integrated in the second data query system or integrated in the third data query system. Similarly, some of the functionality in the second data querying system may also be integrated in the first data querying system.
In still other embodiments, data security is critical for applications such as finance, personal credit, etc., and the data query system also needs to perform verification of query traffic generated based on query requirements before performing data queries. In some examples, the query service may be used as a validation request only to perform the validation operations described above. In still other examples, the query service may continue query operations directly after verification passes, thereby reducing multiple data communications resulting from verification.
Here, the aforementioned query service is used as one type of authentication request for the authentication operation, which may be triggered based on an authentication request dedicated to authentication in some scenarios. Wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension.
Referring to fig. 15, a flowchart of a method for verifying authority is shown. Here, the rights verification method is mainly initiated by the second verification system and verified by the first verification system, wherein at least the first verification system and the second verification system perform data interaction based on the verification method provided by the application during the execution of the verification process. Taking the foregoing data query system as an example, the second data query system may be regarded as a second verification system, and the first data query system may be regarded as a first verification system. To this end, in a computer system that integrates data querying and rights verification, a technician may describe the first data querying system as a software system that includes the first verification system, or describe the first verification system as a software system that includes the first data querying system. Similarly, the technician may describe the second data polling system as a software system that includes the second verification system, or the second verification system as a software system that includes the second data polling system, without limitation. For simplicity of description, the following does not exemplify the correspondence between the second verification system and the second data query system, and similarly, does not exemplify the correspondence between the first verification system and the first data query system.
In step S111, the second verification system sends a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension.
Wherein the authentication requirement may be generated exclusively for authentication, for example, for authentication of an application for a second data query system for opening a query service. The validation requirement may also be generated based on a query requirement, such as a loan application being submitted off-line by the target user, based on which the party receiving the loan application generates the query requirement, which itself represents the validation requirement or contains the validation requirement. For simplicity of description, the following does not exemplify the correspondence between the verification requirement and the query requirement, and similarly, does not exemplify the correspondence between the verification request system and the query request.
The information contained in the verification request may be the same as or similar to the information contained in the aforementioned query service, and will not be described in detail herein. Similarly, the step S111 is the same as or similar to the execution of the step S110 described in the previous example, and will not be described in detail here.
After the first verification system receives the verification request, step S230 is executed, i.e. the verification request provided by the second verification system is verified. After the second data query system performs the verification step and passes the verification, the second data query system performs the step of forwarding the query service in the step S210, otherwise, the second data query system does not forward the query service.
Wherein, depending on the design requirements for authentication request security, the first authentication system may perform at least one of the following authentication without knowing the sensitive data of the target user: verifying the identity of the target user, verifying that the query service is authorized via the target user, and verifying that the format of the query request is legal. A verification operation is performed based on the query request and using at least one attestation information.
In order to avoid that sensitive data involved in the above-mentioned respective authentication operations are compromised, the authentication operations are performed based on the authentication request and using at least one kind of attestation information. Wherein, according to the purpose to be verified, the corresponding certification information can come from the target user and/or the second verification system; the first verification system verifies the authenticity of any one or more of the above information using the held data and the acquired attestation information. Wherein the corresponding attestation information may be generated based on zero knowledge attestation.
To this end, the present application provides various embodiments regarding identity authentication and authorization built on the basis of the following protocol examples:
a) The first verification system generates a random number r e And sending to a third verification system;
b) When receiving r e Third verification System b calculatesPublic key pk using a second authentication system l = (n, g), the third authentication system encrypts y to c=g y r n Wherein->The third verification system then sends c to the first verification system and proves to the first verification system that he knows the zero knowledge proof of plaintext (i.e., y) in c;
c) For group gid b Each user u in the list, the first verification system calculatesAnd will y u Sending to an initiator;
d) The second verification system generates PIR query q and sends a query and zero knowledge proof to the first verification system that proves that the query has the correct format.
e) Second verification System calculationUsing q, r and y u The initiator generates a zero knowledge proof that is used to prove that for each i e {1,2,..d }, ciphertext c is encrypted by the same number as one of the ciphertexts generated by the sub-query of dimension i. The second verification system then sends the proof to the first verification system;
f) Finally, the first verification system verifies the following information based on the proof from the third verification system and the second verification system: 1) The third verification system really knows the plaintext encrypted in c; 2) The second verification system verifies that the query is in the correct format; 3) For each i e {1,2,., d }, ciphertext c encrypts the same number as one of the ciphertexts generated by the sub-query of dimension i.
The above parameters will also appear in the description of the examples below.
In some examples, the step S230 includes: and verifying the identity of the target user in the query service submitted by the second verification system.
Here, to avoid revealing sensitive data of the target user, such as identity information, the first verification system verifies the identity of the target user in the verification request submitted by the second verification system by using the first proof information from the target user.
For example, assume that the second verification system wants to query the loan information of the target user without permission from the target user. The second authentication system first finds a masquerade person masquerading as the target user. When the second authentication system anonymously communicates with the first authentication system, no participant (except the second authentication system) knows the true identity of the participant on the other side of the anonymity channel. The second verification system then sends a query to obtain the loan information for the target user.
Here, to determine that the identity authentication of the target user is legal, each user in the user group is a member registered in advance herein, or each user in the user group may be registered in a notarized (or trusted) third party. For example, a user registered in real name in the first authentication system. And for example, each verification system is uniformly connected with the public security department identity card data system.
The first verification system may send a first random number to each user in the group based on the user group to obtain a second random number and first attestation information thereof fed back by the target user. Wherein the first random number may be randomly generated by the first authentication system or the first random number may be generated by the first authentication system based on a key shared with each user separately, which may be used to authenticate the identity of each user in the group. The user equipment used by the target user is provided with a third verification system for carrying out identity verification by matching with the first verification system, the third verification system can confirm the correctness of the secret key by decrypting the first random number, and the second random number and the first certification information are generated based on the first random number. The first proving information is a group of value sequences which are generated by the third verification system based on a zero knowledge proving algorithm and used for proving the identity of the target user. The first verification system verifies that the first verification information can prove that the identity of the target user is one member of the user group by using a zero knowledge proof algorithm based on the first verification information and the second random number, thereby passing the identity verification of the target user. The authentication can prove that the identity information of the target user is not a fake user.
For example, the first authentication system sends to each user in the group of users a shared key, a random number, and a day based onFirst random number r to participate in calculation e Wherein a third authentication system held by the target user is based on the first random number r e A pseudo-random number y is obtained and encrypted and recorded as a second random number c, and at the same time, the third verification system also generates a second random number for verifying y=y b And transmits the second random number c and the first certification information zkp1 to the first verifying system, which verifies zkp that there is a preset correspondence between c and the first certification information zkp1 based on c. For example, the correspondence relationship is expressed as:where a, z1 and z2 are values in zkp, and g and n are parameters in the public key. />
In still other examples, the step S230 further includes: and verifying whether the verification request submitted by the second verification system is authorized by the target user. This step is intended to confirm that the target user does authorize the second authentication system to initiate an authentication request, rather than a forged authentication request. Here, to verify the authorization, the first verification system and the second verification system cooperatively execute for the first verification system to complete the verification. In one example, the step includes verifying, using second attestation information from the second verification system, whether a verification request submitted by the second verification system is authorized by the target user.
The first verification system and the second verification system cooperatively execute the following steps to realize that the first verification system verifies whether the verification request is authorized by the target user. The second verification system generates second proving information based on a to-be-verified data set which is provided by the first verification system and is related to the dimension of the query request, and sends the second proving information to the first authority verification system; wherein the second attestation information is used to attest that the verification request is authorized by the target user.
Specifically, in step S231, the first authentication system is configured to, for each user in the group of users, based on the secret key and the first random number that are individually shared with each userThe user generates a third random number to obtain a random number set corresponding to the user group. The random number set is obtained by encrypting each key and the first random number. For example, the first verification system utilizes the formulaObtaining a pseudo-random number y corresponding to each user u And encrypts the pseudo-random number to obtain encrypted data (also called a third random number) c corresponding to each user u Wherein r is e For the first random number, date is the date of the calculation, +. >Is an encryption algorithm, y is a plaintext y held by each corresponding user b The first authentication system is used for authenticating each user y in the user group u Encryption is performed to obtain encrypted data c u And obtains a random number set { c } u }。
In step S232, the first verification system associates each third random number in the set of random numbers with a position representing a space constructed based on the dimension of the query request; and calculating each sub-query element in each dimension of the query request and the corresponding random number in the random number set to obtain a data set to be verified in the corresponding dimension. Referring to FIG. 16, a query request q is shown as 2-dimensional and is formed into a (3×4) matrix with a set of random numbers { c } u Each third random number c in } u Corresponding to the space position formed by the (3×4) matrix, and respectively performing exponential product on each sub-query element q1j on the column corresponding to the first dimension and each third random number in the same column to obtain an encrypted value of the third random number with the value 1 corresponding to the sub-query element on the column corresponding to the first dimensionRespectively carrying out exponential product on each sub-query element q2j on the column corresponding to the second dimension and each third random number in the same column, and converging to obtain an encryption value +. >Wherein j is more than or equal to 1 and k is more than or equal to k. Based on the above example and generalized to higher dimension calculations, the first authentication system gets +.>And the formed data set to be verified, wherein i is more than or equal to 1 and less than or equal to d, and d is the dimension number of the query request.
In step S233, the first verification system verifies the resulting data set to be verified for each dimensionThe set of random numbers { c } u And transmitting the second authentication system.
In step S131, the second verification system generates second certification information based on the set of data to be verified and the set of random numbers related to the dimension of the query request, and sends the second certification information to the first verification system; wherein the second attestation information is used to attest that the verification request is a sequence of values that result in authorization of the target user.
For example, c * ik Is the i-th dimension elementAnd->The result of the exponential product operation along the ith column, if the ith of the ith dimension b The element E (1) is ∈ ->Wherein (1)>/>
The second verification system knows all r, and c corresponds to r. Enabling the position pid of the target user to correspond to i b k b Its plaintext satisfiesFor ik+.i b k b :/>
Second authentication system random generationE k And z k Calculate->For ik=i b k b ,/> Generating the second attestation information includes: a, a b =ω n ,ω∈ R 2 len < min (p, q), where p and q are prime numbers;
In step S234, the first verification system acquires the fed-back second certification information zkp as { a } b ,e b ,z b -a }; and verifying that the verification request submitted by the second verification system is authorized by the target user based on the second attestation information. Wherein the second attestation information is obtainable by a second verification system based on a zero knowledge attestation algorithm and comprises a sequence of values for attesting that the verification request is to be authorized by the target user.
For example, the first verification system verifies ZKP 2 =(a k ,e k ,z k ) The method meets the following conditions:a kind of electronic device with high-pressure air-conditioning system Where k represents the location of the target user in the i-th dimension. Wherein when passing the second certification messageDemonstration of the information->And c, when the two codes correspond to the same plaintext, verifying that the query service is authorized by the target user and the identity authentication of the target user is passed.
In still other examples, particularly for multidimensional query requests, since the query result data of the target user is extracted on the data source side, the query result of the corresponding target user is calculated by adopting a dimension-by-dimension "folding" manner, so in the query mode based on the data, the data query needs to be performed for a single target user. The step S230 further includes verifying the format validity of the first encrypted query submitted by the second data query system. Wherein this step aims at verifying whether the format of the query request corresponds to the format of the query request for a single target user. In other words, according to the dimensions of the preset query request, it is determined that each dimension query request only includes one sub-query element E (1) with a value of 1, and the sub-query element E (1) with a value of 1 in each dimension corresponds to the same position in the space. For this, the step S230 includes: and verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
Wherein the first authentication system and the second authentication system cooperatively perform format authentication. Specifically, the second verification system performs step S132 of generating third certification information for certifying validity of the format based on the format of the query request in each dimension. The second verification system also sends third proving information for proving validity of the query format in the verification request when sending the verification request. Wherein the second verification system generates the third attestation information based on a zero knowledge attestation algorithm. The third attestation information includes a sequence of values for attesting to the query request as to and relating to only one user.
For example, the second verification system provides a sequence of values that attests to encryption of each sub-query element contained in the query request by only 0 and 1 plaintext. When sub-query elementWhen qij is encryption of plaintext 1, the formula is utilizedA sequence of values with a plaintext of 1 calculated for qij { (a) 1 ,e 1 ,z 1 ),(a 2 ,e 2 ,z 2 ) -a }; wherein (1)>a 2 =v n mod n 2 ;e=h(a 1 ,a 2 ,q ij ,date),e 2 =e-e 1 ;/>When the subquery element qij is an encryption of plaintext 0, the formula +.>The above-mentioned { (a) is obtained by exchanging 1 ,e 1 ,z 1 ),(a 2 ,e 2 ,z 2 ) Formulation of value sequences, i.ea 1 =v n mod n 2 ;e=h(a 1 ,a 2 ,q ij ,date),e 1 =e-e 2 ;/>From this it is demonstrated that qij corresponds to the value sequence of plaintext 0 { (a) 1 ,e 1 ,z 1 ),(a 2 ,e 2 ,z 2 )}。
The second verification system also provides a sequence of values for proving that the target user has only one. For example, a second verification system is provided for proving The plaintext of (1) is 1 and its value sequence p i = (a, e, z); wherein the formula for obtaining the sequence of values comprises: />a=v n mod n 2 ;e=h(a,q i ,date);/>
The second verification system compares the obtained value sequence of proof qij corresponding to plaintext 0 { (a) 1 ,e 1 ,z 1 ),(a 2 ,e 2 ,z 2 ) -a }; value sequence proving that qij corresponds to plaintext 1 { (a) 1 ,e 1 ,z 1 ),(a 2 ,e 2 ,z 2 ) -a }; and a sequence of values (a, e, z) proving that only one of the target users is sent to the first authentication system.
The first authentication system performs the following steps in step S230: and verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
The first verification system acquires third proving information for proving format validity of the query request in each dimension; and verifying format legitimacy of the query request based on the third attestation information. Wherein the third attestation information is generated based on the query request.
Continuing with the example of step S132 above, the first verification system performs the following formula:and->To verify q ij The corresponding plaintext in (a) contains only 0 and 1; by applying the following formula: z n =a(g -1 q i ) e mod n 2 To verify that plaintext 1 in the query request corresponds to the same target user.
In some examples, after each verification is passed, the second data query system executes step S210 to forward the query service to the third data query system, so that the third data query system executes steps S310 to S340, and feeds back the query result of the target user; and the first data query system continues to execute step S220, and the second data query system executes steps S120-S140. Examples of the above steps are the same as or similar to those of the corresponding steps described above, and will not be described in detail herein.
Based on the description of each example, the architecture, the query method and the permission verification method provided by the application can realize data transmission, query and permission verification on the basis of data security, and realize the purpose of obtaining a data processing result corresponding to plaintext operation based on ciphertext operation.
Here, it should be noted that the partial type of random number used in each of the above examples may be a pseudo random number generated from a given random number seed, and a pseudo random function, and the pseudo random number may be a deterministic function that takes a character string as an input and outputs a value that looks random. Wherein the pseudo-random function is exemplified by PRF s (x) The PRF function using s as seed and x as input is shown. The partial type of random number includes PRF used by the target user (e.g., borrower) and the third data lookup system (e.g., borrower) s A commitment random number is generated.
Fig. 17 is a schematic diagram of a software architecture of the data query system according to the present application. The data query system comprises a first data query system, a second data query system and a third data query system.
The first data query system includes: the system comprises a first communication module and a query fusion module. The second data query system includes: the system comprises a second communication module, a data processing module, a verification module and an evaluation module. The third data query module includes: the system comprises a third communication module, a data set query module and a query result generation module.
The second communication module is configured to execute step S110; the first communication module is configured to execute the foregoing step S210; the third communication module is configured to execute the foregoing step S310; the data set query module is configured to execute the foregoing step S320; the query result generation module is configured to execute the foregoing step S330; the query fusion module is used for executing the step S220; the verification module is used for executing step S120; the verification module is used for executing step S130; the evaluation module is used for executing step S140.
The above modules correspond to the steps of the data query method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
Fig. 18 is a schematic diagram of a software architecture of the rights verification system according to the present application. The right verification system comprises a first verification system, a second system and a third verification system. Wherein, according to the foregoing example, the first authentication system may be coupled to the first data querying system, the second authentication system may be coupled to the second data querying system, and the third authentication system may be coupled to a user device held by the target user.
The first verification system comprises a third communication module and a verification module; the second verification system includes: the device comprises a fourth communication module and a cooperation verification module. A third authentication system is for providing, in coordination with the first authentication, attestation information for authenticating the identity of the target user in the act of initiating the authentication request.
The fourth communication module is configured to execute the foregoing step S111; the third communication module is used for correspondingly acquiring the verification request. The third authentication system, the authentication module, and the cooperative authentication module cooperatively perform the steps mentioned in the foregoing step S230.
The above modules correspond to the steps of the authority verification method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
In addition, the verification system and the data query system are cooperatively executed to verify the behavior of the second data query system for initiating the query service, and the data query method is continued after the verification is passed; for this purpose, the third communication module and the first communication module may be the same communication module, and the second communication module and the fourth communication module may be the same communication module.
The present application also provides a computer readable storage medium storing a data query computer program which when executed implements the data query method described in relation to fig. 2 of the above embodiments.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application.
In the embodiments provided herein, the computer-readable storage medium may include read-only memory, random-access memory, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, U-disk, removable hard disk, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. In addition, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. It should be understood, however, that computer-readable and data storage media do not include connections, carrier waves, signals, or other transitory media, but are intended to be directed to non-transitory, tangible storage media. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
In one or more exemplary aspects, the functions described by the computer program of the mapping device or the computer program interoperating between multiple devices of the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The steps of a method or algorithm disclosed in the present application may be embodied in a processor-executable software module, which may be located on a tangible, non-transitory computer-readable and writable storage medium. Tangible, non-transitory computer readable and writable storage media may be any available media that can be accessed by a computer.
The flowcharts and block diagrams in the figures described above illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In summary, the data query and calculation method and system, and the storage medium of the present application can prevent the disclosure of sensitive information of the target user by using the query request processed by encryption, and can effectively prevent the disclosure of the query result by using the query result processed by encryption. Therefore, when the query service and the query result forwarding party (such as the first data query system) and the query result provider (such as the data source) can not acquire the target user and the query result, the application of sharing, fusing, evaluating and the like by using the sensitive data is realized.
The above embodiments are merely illustrative of the principles of the present application and its effectiveness, and are not intended to limit the application. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the application. Accordingly, it is intended that all equivalent modifications and variations of the application be covered by the claims, which are within the ordinary skill of the art, be within the spirit and scope of the present disclosure.

Claims (30)

1. A rights verification method performed in a first verification system, comprising:
receiving a verification request sent by a second verification system; wherein the authentication request comprises a first type of encrypted query request for obtaining a query result of a target user from a group of users; wherein the authentication request is used to authenticate that the action that initiated the authentication request is authorized by a target user; the dimension of the query request is at least one dimension;
Performing an authentication operation based on the authentication request and using at least one piece of attestation information:
verifying the identity of the target user in the verification request submitted by the second verification system by using the first certification information from the target user:
transmitting a first random number for verifying identity authentication of the target user to the target user;
receiving a second random number fed back by a target user and first proving information of the second random number; wherein the second random number is generated based on the first random number;
verifying the identity of the target user based on the first attestation information and the second random number;
and verifying whether the verification request submitted by the second verification system is authorized by the target user by using second proving information from the second verification system.
2. The rights verification method of claim 1, wherein the first attestation information comprises a set of sequences of values used to attest to the identity of the target user.
3. The authority verification method according to claim 1, wherein the step of verifying whether the verification request submitted by the second verification system is authorized by the target user using the second certification information from the second verification system comprises:
Generating a third random number for each user based on a secret key and a first random number which are independently shared with each user in the user group, so as to obtain a random number set of the corresponding user group;
based on the space constructed by the dimension of the query request, corresponding each third random number in the random number set to the position representing the space;
calculating each sub-query element in the sub-query request in each dimension of the query request and a corresponding third random number in the random number set, and obtaining a data set to be verified in the corresponding dimension;
transmitting the obtained data set to be verified in each dimension and the random number set to a second verification system, and acquiring the fed-back second proving information;
verifying that the verification request submitted by the second verification system is authorized by the target user based on the second attestation information.
4. A rights verification method as claimed in claim 3, wherein said second attestation information comprises a sequence of values for attesting that said verification request is authorized by said target user.
5. The rights verification method of claim 1, wherein the step of performing a verification operation based on the verification request and using at least one certification information further comprises:
And verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
6. The rights verification method of claim 5, wherein verifying the format validity of the first-type encrypted query submitted by the second verification system using the third certification information from the second verification system comprises:
acquiring third proving information for proving format legality of the query request in each dimension; wherein the third attestation information is generated based on the query request;
and verifying the format validity of the query request based on the third proving information.
7. The rights verification method of claim 6, wherein the third attestation information includes a sequence of values for attesting to the query request as being related to and associated with only one user.
8. The authority verification method according to claim 1, wherein the first encryption process is set based on homomorphic encryption.
9. A rights verification method performed in a second verification system, comprising:
Transmitting a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension;
generating second attestation information based on a to-be-verified data set related to the dimension of the query request provided by the first verification system:
acquiring the data set to be verified and a random data set; wherein the set of random numbers is generated based on a secret key and a first random number shared separately between the first authentication system and each user in the user group where the target user is located; the data set to be verified is obtained by calculating a third random number corresponding to each position of the space in a random number set and each sub-query element in the sub-query request in each dimension of the query request based on the space constructed by the query request;
obtaining second proving information based on the data set to be verified and the random number set;
transmitting the second certification information to a first authority verification system; for said first authentication system to prove that the act of initiating said authentication request is authorized by a target user; wherein the second attestation information is used to attest that the verification request is authorized by the target user.
10. The rights verification method of claim 9, further comprising the step of generating third attestation information based on the query request and transmitting to a first verification system to verify the format legitimacy of the first encrypted query request.
11. The authority verification method according to claim 10, wherein the step of generating third certification information based on the query request includes:
third certification information for certifying the validity of the format is generated based on the format of the query request in each dimension.
12. The rights verification method of claim 11, wherein the third attestation information includes a sequence of values for attesting to the query request as to and in relation to only one user.
13. The authority verification method according to claim 9, wherein the first encryption process is set based on homomorphic encryption.
14. A first authentication system, comprising:
the first communication module is used for receiving a verification request sent by the second verification system; wherein the authentication request comprises a first type of encrypted query request for obtaining a query result of a target user from a group of users; wherein the authentication request is used to authenticate that the action that initiated the authentication request is authorized by a target user; the dimension of the query request is at least one dimension;
A verification module for performing a verification operation based on the verification request and using at least one type of certification information; the verification module is used for executing the following steps:
verifying the identity of the target user in the verification request submitted by the second verification system by using the first certification information from the target user:
transmitting a first random number for verifying identity authentication of the target user to the target user;
receiving a second random number fed back by a target user and first proving information of the second random number; wherein the second random number is generated based on the first random number;
verifying the identity of the target user based on the first attestation information and the second random number;
and verifying whether the verification request submitted by the second verification system is authorized by the target user by using second proving information from the second verification system.
15. The first verification system of claim 14, wherein said first attestation information comprises a set of sequences of values for attesting to an identity of said target user.
16. The first authentication system of claim 14, wherein the step of verifying whether the authentication request submitted by the second authentication system is authorized by the target user using second attestation information from the second authentication system comprises:
Generating a third random number for each user based on a secret key and a first random number which are independently shared with each user in the user group, so as to obtain a random number set of the corresponding user group;
based on the space constructed by the dimension of the query request, corresponding each third random number in the random number set to the position representing the space;
calculating each sub-query element in the sub-query request in each dimension of the query request and a corresponding third random number in the random number set, and obtaining a data set to be verified in the corresponding dimension;
transmitting the obtained data set to be verified in each dimension and the random number set to a second verification system, and acquiring the fed-back second proving information;
verifying that the verification request submitted by the second verification system is authorized by the target user based on the second attestation information.
17. The first authentication system of claim 16, wherein the second attestation information includes a sequence of values for attesting that the authentication request is authorized by the target user.
18. The first authentication system of claim 14, wherein the authentication module is further configured to perform the steps of:
And verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
19. The first authentication system of claim 18, wherein the step of the authentication module using third attestation information from the second authentication system to verify the format validity of the first type of encrypted query request submitted by the second authentication system is:
acquiring third proving information for proving format legality of the query request in each dimension; wherein the third attestation information is generated based on the query request;
and verifying the format validity of the query request based on the third proving information.
20. The first verification system of claim 19, wherein the third attestation information comprises a sequence of values for attesting to the query request as to and relating to only one user.
21. The first authentication system of claim 14, wherein the first encryption process is configured based on homomorphic encryption.
22. A second authentication system, comprising:
The second communication module is used for sending a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension;
the cooperation verification module is used for generating at least one piece of proving information based on the verification request so that the first verification system can prove that the action of initiating the verification request is authorized by a target user; the cooperation verification module is used for executing the following steps:
generating second proving information based on a to-be-verified data set related to the dimension of the query request provided by the first verification system;
acquiring the data set to be verified and a random data set; wherein the set of random numbers is generated based on a secret key and a first random number shared separately between the first authentication system and each user in the user group where the target user is located; the data set to be verified is obtained by calculating a third random number corresponding to each position of the space in a random number set and each sub-query element in the sub-query request in each dimension of the query request based on the space constructed by the query request;
Obtaining second proving information based on the data set to be verified and a random data set;
transmitting the second certification information to a first authority verification system; wherein the second attestation information is used to attest that the verification request is authorized by the target user.
23. The second authentication system of claim 22, wherein the orchestration authentication module is configured to generate at least one piece of attestation information based on the authentication request further comprises configured to generate third attestation information based on the query request and send the third attestation information to the first authentication system to verify the format legitimacy of the first encrypted query request.
24. The second verification system of claim 23, wherein the coordination verification module is configured to generate third proof information for proving validity of the format based on the format of the query request in each dimension, and send the third proof information to the first verification system to verify validity of the format of the first encrypted query request.
25. A second verification system as claimed in claim 24 wherein said third attestation information comprises a sequence of values for attesting to said query request as to and relating to only one user.
26. The second authentication system of claim 22, wherein the first encryption process is configured based on homomorphic encryption.
27. A rights verification system, comprising:
a first verification system as claimed in any one of claims 14 to 21;
a second verification system as claimed in any one of claims 22 to 26;
and the third verification system is used for providing certification information for verifying the identity of the target user in the action of initiating the verification request in cooperation with the first verification system.
28. A first computer system, comprising:
a storage device for storing at least one program;
interface means for communicating with at least one second computer system;
processing means for invoking said at least one program and coordinating said storage means and interface means for performing a rights verification method as claimed in any one of claims 1-8.
29. A second computer system, comprising:
a storage device for storing at least one program;
interface means for communicating with a first computer system;
processing means for invoking said at least one program and coordinating said storage means and interface means to perform a rights verification method as claimed in any one of claims 9-13.
30. A computer readable storage medium, characterized in that a rights verification computer program is stored, which, when executed, implements a rights verification method according to any one of claims 1-8 or a rights verification method according to any one of claims 9-13.
CN201910273140.9A 2019-04-04 2019-04-04 Authority verification method and system Active CN111784337B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910273140.9A CN111784337B (en) 2019-04-04 2019-04-04 Authority verification method and system
PCT/CN2020/083174 WO2020200306A1 (en) 2019-04-04 2020-04-03 Data query and calculation method and system, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910273140.9A CN111784337B (en) 2019-04-04 2019-04-04 Authority verification method and system

Publications (2)

Publication Number Publication Date
CN111784337A CN111784337A (en) 2020-10-16
CN111784337B true CN111784337B (en) 2023-08-22

Family

ID=72755469

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910273140.9A Active CN111784337B (en) 2019-04-04 2019-04-04 Authority verification method and system

Country Status (1)

Country Link
CN (1) CN111784337B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240111842A1 (en) * 2020-12-24 2024-04-04 Boe Technology Group Co., Ltd. License authentication method and apparatus, electronic device, system, and storage medium
CN112949377A (en) * 2020-12-25 2021-06-11 深圳市鹰硕教育服务有限公司 Permission management method and system based on stroke order, OCR (optical character recognition) and artificial intelligence
CN113344551B (en) * 2021-07-05 2024-02-09 招商局金融科技有限公司 Multi-head credit giving method, device, equipment and medium based on zero knowledge proof technology

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0661846A1 (en) * 1993-12-30 1995-07-05 Jacques Stern Method for authenticating at least one identification device by a verification device using a zero-knowledge protocol
GB201321393D0 (en) * 2013-12-04 2014-01-15 Mastercard International Inc Pre-transaction data exchange
CN106296154A (en) * 2015-06-11 2017-01-04 阿里巴巴集团控股有限公司 Transaction methods and system
CN107547525A (en) * 2017-08-14 2018-01-05 复旦大学 A kind of method for secret protection of big data query processing
CN107679064A (en) * 2017-07-31 2018-02-09 平安科技(深圳)有限公司 Data query method, apparatus and computer-readable recording medium
CN108449336A (en) * 2018-03-16 2018-08-24 浙江创邻科技有限公司 Data traceability based on block chain and strong encryption method, apparatus, medium and system
CN108572968A (en) * 2017-03-09 2018-09-25 腾讯科技(深圳)有限公司 A kind of data query method, apparatus, server and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017184840A1 (en) * 2016-04-21 2017-10-26 Mastercard International Incorporated Method and system for contactless transactions without user credentials
US10812252B2 (en) * 2017-01-09 2020-10-20 Microsoft Technology Licensing, Llc String matching in encrypted data

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0661846A1 (en) * 1993-12-30 1995-07-05 Jacques Stern Method for authenticating at least one identification device by a verification device using a zero-knowledge protocol
GB201321393D0 (en) * 2013-12-04 2014-01-15 Mastercard International Inc Pre-transaction data exchange
CN106296154A (en) * 2015-06-11 2017-01-04 阿里巴巴集团控股有限公司 Transaction methods and system
CN108572968A (en) * 2017-03-09 2018-09-25 腾讯科技(深圳)有限公司 A kind of data query method, apparatus, server and system
CN107679064A (en) * 2017-07-31 2018-02-09 平安科技(深圳)有限公司 Data query method, apparatus and computer-readable recording medium
CN107547525A (en) * 2017-08-14 2018-01-05 复旦大学 A kind of method for secret protection of big data query processing
CN108449336A (en) * 2018-03-16 2018-08-24 浙江创邻科技有限公司 Data traceability based on block chain and strong encryption method, apparatus, medium and system

Also Published As

Publication number Publication date
CN111784337A (en) 2020-10-16

Similar Documents

Publication Publication Date Title
Yu et al. A blockchain-based shamir’s threshold cryptography scheme for data protection in industrial internet of things settings
Xu et al. Hybridalpha: An efficient approach for privacy-preserving federated learning
CN110419053B (en) System and method for information protection
CN109359974B (en) Block chain transaction method and device and electronic equipment
US20200044863A1 (en) Techniques for securing digital signatures using multi-party computation
CN109544129B (en) Block chain transaction method and device and electronic equipment
CN111095332A (en) Method and system for privacy-preserving social media advertising
CN111784337B (en) Authority verification method and system
CN111783108B (en) Data query and calculation method and system, and storage medium
CN111783109B (en) Data query method, system and storage medium
CN107851169B (en) Computing system, computing device, method thereof, and recording medium
US11379616B2 (en) System and method for providing anonymous validation of a query among a plurality of nodes in a network
Cha et al. Blockchain based sensitive data management by using key escrow encryption system from the perspective of supply chain
US11265166B2 (en) Distributed machine learning via secure multi-party computation and ensemble learning
US11856099B2 (en) Cryptographic pseudonym mapping method, computer system, computer program and computer-readable medium
CN110719176A (en) Logistics privacy protection method and system based on block chain and readable storage medium
US20200202018A1 (en) Smart privacy and controlled exposure on blockchains
CN114144783B (en) Cryptographic pseudonym mapping method, computer system, computer program and computer-readable medium
Li et al. Priexpress: Privacy-preserving express delivery with fine-grained attribute-based access control
Huynh et al. A reliability guaranteed solution for data storing and sharing
CN115913513B (en) Distributed trusted data transaction method, system and device supporting privacy protection
WO2021059098A1 (en) Partitioning a request into transactions for a blockchain
CN116596658A (en) Computation-controllable multiparty security credit assessment method and device
WO2020200306A1 (en) Data query and calculation method and system, and storage medium
CN114066449A (en) Multi-center collaborative supervision block chain user identity anonymity and tracking method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant